Registry Error Please help!

Advertise at AfterDawn.com

Link to us!

Private messages

Compose a private message

List of all updated threads

Threads without replies

Search messages

Thursday 28.11.2024 / 12:16

Search AfterDawn Forums:

afterdawn.com > forums > software, operating systems and more > windows - general discussion > registry error please help!

Browse by topic

Forums

Start a new thread

Registry Error Please help!

Jump to:

Posted

Message

dnc991

Newbie

6. February 2012 @ 02:55

Link to this message

I started out with a problem involving what i thought was a virus. I use Peerblock as a personal firewall and also COMODO firewall but for some reason comodo was unable to start and peerblock gave me a message saying that certain functions from windows were not working right or started. So i went on google trying to find an answer and came across a forum that told me to run "windows repair all in one" which you can find by going to tweaking.com however they also mentioned running three files a bfe.reg, firewall.reg, and a defender.reg. I wanted to get the problem fixed fast so i just did it and thats when i made the problem alot worse. Now i get a registry error which i know is caused by what i did. i also ran malware bytes before adding the reg keys and it took care of the small virus. Im able to get into safemode and perform operations as well. im guessing the problem came from adding the wrong reg files since i think they were talking about running 64 bit versions of windows and im on 32...

heres the link to the forum:
link

This is my error message:

Thank you for any help you can provide if you need more information let me know.

[ + quote]

scorpNZ

AfterDawn Addict

4 product reviews

6. February 2012 @ 04:52

Link to this message

chance are with the multiple firewalls & other junk you have installed is causing diver issues or not,regardless reformat & reinstall will be faster than attempting repair,this time round avoid installing more than one software firewall & one antivirus (you can install a second antivirus software but it must be manual scan type only not realtime),also use easeus todo backup it's free & create "system backups"

unsubscribed

[ + quote]

http://www.afterdawn.com/guides/

aldan

Senior Member

6. February 2012 @ 05:05

Link to this message

tweaking.com?well rather than criticize you,please download,update and run,hijack this.do not fix anything at this time,but rather post a log.

[ + quote]

dnc991

Newbie

6. February 2012 @ 14:06

Link to this message

Well rather then jumping to wipe my computer i think ill go with making a log first and see where that goes
And im a pretty experienced user when it comes to computers and even i know i made a very dumb mistake i just wanted to get the problem fixed fast this is my test computer anyway. Ill get working on that log though thanks for the help.

[ + quote]

dnc991

Newbie

6. February 2012 @ 15:17

Link to this message

Here is the log:

Quote:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:13:48 PM, on 2/6/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sebastian\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Freecorder Toolbar - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files\freecordertoolbar\vmntemplateX.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\OFFICE~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\OFFICE~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll
O3 - Toolbar: Freecorder Toolbar - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files\freecordertoolbar\vmntemplateX.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\office2010\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [MusicManager] "C:\Users\Sebastian\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Sebastian\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\OFFICE~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Sebastian\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Sebastian\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\OFFICE~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\office2010\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\office2010\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B761F804-0574-4FFE-BD95-29552D0BCA20}: NameServer = 208.67.222.222,208.67.220.220
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: MotoConnect Service - Unknown owner - C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe

--
End of file - 7933 bytes

[ + quote]

aldan

Senior Member

6. February 2012 @ 18:50

Link to this message

i see nothing that i am absolutely sure can be deleted.you can go to the trend micro website and post your log.they have a pretty good discussion forumn.

[ + quote]

dnc991

Newbie

6. February 2012 @ 20:03

Link to this message

nothing to delete in terms of registry keys? or unwanted malware? because the keys that i added seemed to have modified the ones i already had in place but either way i ill go to trend's forum's if you dont think we could find a solution.

thanks

[ + quote]

davexnet

Senior Member

14. February 2012 @ 23:54

Link to this message

Might be a long shot, but do you have system restore available to you?
If so, restore to a point before the problems begun. At least you'll get a clean
registry.

[ + quote]

Start a new thread

afterdawn.com > forums > software, operating systems and more > windows - general discussion > registry error please help!


		User name	Password

		Not registered yet? Register here. Lost your password? Click here.